Cyber Attacks - What you need to know
What is a Cyber Attack?
A cyber attack is an attempt to disable computers, steal data, or use a breached computer system to launch additional attacks. Cybercriminals use different methods to launch a cyber attack, including malware, phishing, ransomware, man-in-the-middle attacks, or other methods.
Types of Cyber Attacks
Malware is a term that describes malicious software, including spyware, ransomware, viruses, and worms. Malware breaches a network through a vulnerability, typically when a user clicks a dangerous link or email attachment that then installs risky software.
Phishing is the method of sending fraudulent communications that seem to come from a reputable source, usually through email. The goal is to steal or get sensitive data like credit card and login information or to install malware on the victim’s machine. Phishing is an increasingly common cyberthreat.
Man-in-the-middle (MitM) attacks, also called eavesdropping attacks, occur when attackers insert themselves into a two-party transaction. Once the attackers interrupt the traffic, they can filter and steal data.
Two common points of entry for MitM attacks:
- On unsecure public Wi-Fi, attackers can insert themselves between a visitor’s device and the network. Without knowing, the visitor passes all information through the attacker.
- Once malware has breached a device, an attacker can install software to process all of the victim’s information.
A denial-of-service attack floods systems, servers, or networks with traffic to exhaust resources and bandwidth. That makes the system unable to fulfill legitimate requests. Attackers also use multiple compromised devices to launch this attack. This is known as a distributed denial-of-service (DDoS) attack.
A Structured Query Language (SQL) injection happens when an attacker inserts malicious code into a server that uses SQL and forces the server to reveal information it normally would not. An attacker could carry out a SQL injection simply by submitting malicious code into a vulnerable website search box.
A zero-day exploit hits after a network vulnerability is announced but before a patch or solution is implemented. Attackers target the disclosed vulnerability during this window of time. Zero-day vulnerability threat detection requires constant awareness.
DNS tunneling utilizes the DNS protocol to communicate non-DNS traffic over port 53. It sends HTTP and other protocol traffic over DNS. There are various legitimate reasons to utilize DNS tunneling. However, there are also malicious reasons to use DNS tunneling VPN services. They can be used to disguise outbound traffic as DNS, concealing data that is typically shared through an internet connection. For malicious use, DNS requests are manipulated to exfiltrate data from a compromised system to the attacker’s infrastructure. It can also be used for command and control callbacks from the attacker’s infrastructure to a compromised system.
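One way a defender can look for the pattern described above in DNS query logs, as an added example that is not from the original page: flag parent domains that receive many distinct, long, high-entropy subdomains. The thresholds, function names and sample queries are assumptions, and the query log is constructed.

```python
import math
from collections import Counter, defaultdict

def entropy(s):
    """Shannon entropy of a string, in bits per character."""
    return -sum(c / len(s) * math.log2(c / len(s)) for c in Counter(s).values())

def parent_domain(qname):
    # Simplification: treat the last two labels as the registered domain.
    return ".".join(qname.split(".")[-2:])

def suspicious_domains(qnames, min_unique=4, min_len=30, min_entropy=3.5):
    """Return parent domains whose subdomains look like encoded data."""
    subs = defaultdict(set)
    for q in qnames:
        q = q.rstrip(".").lower()
        parent = parent_domain(q)
        sub = q[: -len(parent)].rstrip(".")
        if sub:
            subs[parent].add(sub.replace(".", ""))
    flagged = []
    for parent, names in subs.items():
        avg_len = sum(map(len, names)) / len(names)
        avg_ent = sum(map(entropy, names)) / len(names)
        # Many distinct, long, high-entropy names under one parent is the signal.
        if len(names) >= min_unique and avg_len >= min_len and avg_ent >= min_entropy:
            flagged.append(parent)
    return sorted(flagged)

# Constructed query log. The encoded-looking labels are permutations of the
# base32 alphabet, standing in for data carried in subdomains.
B32 = "abcdefghijklmnopqrstuvwxyz234567"
ENCODED = ["".join(B32[(7 * i + 5 * j) % 32] for j in range(32)) for i in range(6)]
SAMPLE_QUERIES = (
    [f"{h}.example.com" for h in ("www", "mail", "cdn", "api", "shop")]
    + ["a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6.example.org"]  # one long name only
    + [f"{label}.example.net" for label in ENCODED]
)

if __name__ == "__main__":
    print(suspicious_domains(SAMPLE_QUERIES))
```

Requiring all three conditions together keeps a single long hostname or a busy ordinary domain from being flagged on its own.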
What are examples of a Cyber Attack?
Here are some examples of common cyber attacks and types of data breaches:
- Identity theft, fraud, extortion
- Malware, phishing, spamming, spoofing, spyware, trojans and viruses
- Stolen hardware, such as laptops or mobile devices
- Denial-of-service and distributed denial-of-service attacks
- Breach of access
- Password sniffing
- System infiltration
- Website defacement
- Private and public Web browser exploits
- Instant messaging abuse
- Intellectual property (IP) theft or unauthorized access
What happens during a Cyber Attack?
A cyber attack happens when cybercriminals try to gain illegal access to electronic data stored on a computer or a network. The intent might be to inflict reputational damage or harm to a business or person, or theft of valuable data. Cyber attacks can target individuals, groups, organizations, or governments.
Ways to prevent Cyber Attacks
We recommend 7 key strategies to protect a small or medium business or organization from cyber attacks.
USE Multi-Factor Authentication
One of the most effective ways to prevent cyber attacks is to ensure that multi-factor authentication has been enabled for all applications that access the internet in an organization.
Having only a password login for employees is not enough. If employee passwords are compromised through a hack or through a phishing scam, cybercriminals may be able to easily access the systems.
Enabling a multi-factor authentication process for logins instead will require employees to provide several pieces of information instead of just one. As a result, security will be heightened. It will be much more difficult for any unauthorized person to access the systems.
CREATE Robust Internal Controls
To prevent cyber attacks in an organization it’s also crucial that there are robust internal controls in place. Access controls will help ensure that system access is updated immediately once employees, contractors, and vendors leave the organization.
Controlling access to the system is essential for cyber attack prevention. When someone leaves the organization, their access must be revoked for security reasons. If access is not revoked for former employees, contractors, and other relevant parties, they may be able to access the organizational system later on.
By monitoring who has access to the organizational systems, one can ensure greater security and can prevent security threats and potential problems in the future.
MANAGE Third-Party Security
In order to prevent cyber attacks and security threats, it’s also critical that one takes measures to manage third-party cyber risk.
It’s important to understand the responsibilities when it comes to third-party security. If there are any vendors or third parties who need to access organizational systems, it’s crucial to be aware of the risks and to ensure heightened security.
Creating tight security controls, identifying potential cyber threats, and monitoring the network are all crucial to ensure that the system is secure.
EDUCATE Organizational Employees
Employee education is also one of the biggest keys to improving business security.
Organizations should conduct cyber security awareness training when onboarding new employees. Employees should be provided with extra training at regular intervals. Holding annual training sessions can help ensure that the entire staff is aware of how to guard against security threats.
It’s also important to educate all the employees in the organization about phishing. Employees should be aware of what are and what aren’t considered normal requests via email and other correspondence methods.
This will create a business mode that is much more secure overall.
CREATE Data Backups
Organizations should make regular backups of important business data. Backing up the data is an essential way to keep the business going strong. It’s an important measure to avoid a worst-case scenario whereby any crucial business data is lost.
Ensuring regular data backups makes sure that whatever happens the business won’t be at a total loss.
KEEP Entire Systems Updated
Keeping the systems and business software up to date is also a critical part of protecting any business. Running the latest software makes the data more secure and also helps the business remain strong against all odds in the long run.
While some business owners find the need for constant updates frustrating, they’re necessary. New problems and vulnerabilities will come up in business software from time to time. Updates exist to patch software vulnerabilities and to guard against potential security threats.
There are sometimes significant expenses associated with updates to software and hardware. Yet, the result is usually well worth it.
INSTALL Antivirus Software and a Firewall
Finally, one must prevent security breaches and cyber attacks by installing antivirus software. Every computer in the organization should have an antivirus installed and then it must be updated regularly. One should ensure that a firewall is always in place.
How can Unisys help protect against Cyber Attacks?
Unisys is a trusted partner for managing your global security risks, leveraging our experienced strategic security consultants to align your business and technology processes, tools and techniques to your organization’s tolerance for risk, while systemically moving to a more efficient security program.
As part of our Security Consulting Services, we work with you to architect a security program that enables your organization to reduce the attack surface to the accepted risk level, maintain efficiencies, meet regulatory mandates and manage security over your global supply chain.